VulnerableCode Package Details - pkg:alpm/archlinux/clamav@0.102.3-1

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:alpm/archlinux/clamav@0.102.3-1

Essentials
History (2)

purl	pkg:alpm/archlinux/clamav@0.102.3-1

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (2)

Vulnerability	Summary	Aliases
VCID-qtgd-uwy8-ffaw	Clamscan vulnerable to command injection clamscan through 1.2.0 is vulnerable to Command Injection. It is possible to inject arbitrary commands as part of the `_is_clamav_binary` function located within `Index.js`. It should be noted that this vulnerability requires a pre-requisite that a folder should be created with the same command that will be chained to execute. This lowers the risk of this issue.	CVE-2020-7613 GHSA-5v25-xr56-phph
VCID-u3pj-kant-effb	Multiple vulnerabilities have been found in ClamAV, the worst of which could result in a Denial of Service condition.	CVE-2020-3123

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-01T18:25:49.288611+00:00	Arch Linux Importer	Fixing	VCID-u3pj-kant-effb	https://security.archlinux.org/AVG-1168	38.0.0
2026-04-01T18:25:49.261182+00:00	Arch Linux Importer	Fixing	VCID-qtgd-uwy8-ffaw	https://security.archlinux.org/AVG-1168	38.0.0